BUILD 99 · PQC-SCOUT · NIST FIPS 203/204/205

PQC Migration

We run ML-KEM-768 in production on our own IPC. Your RSA and ECC keys are on borrowed time — and we've already proved it on IBM quantum hardware. PQC-Scout audits your cryptographic surface, scores your Q-Day exposure, and ships a 3-phase migration roadmap you can execute against CNSA 2.0 deadlines.

THE PROBLEM

Harvest now. Decrypt later. Already underway.

Nation-state adversaries are storing your encrypted TLS traffic today. They are not waiting for Q-Day to collect — they are waiting to decrypt. Mosca's theorem is brutal: if X (data shelf life) + Y (migration time) > Z (years until cryptographically relevant quantum computers), you are already too late.

NIST finalized FIPS 203 (ML-KEM), FIPS 204 (ML-DSA), and FIPS 205 (SLH-DSA) in August 2024. CISA and the NSA published CNSA 2.0 with hard transition deadlines for critical infrastructure. The federal question isn't whether to migrate — it is how fast you can prove you did.

Most vendors will sell you a framework document. We already broke 17 ECC curves on IBM quantum hardware running Shor's algorithm. We know exactly which of your primitives fail first.

Q-DAY HORIZON TABLE

Which algorithms fall. When.

Derived from NIST IR 8547 §3.1, CNSA 2.0 timeline, and our own empirical ECC break results on ibm_fez. Every engagement anchors findings to this table.

| Algorithm    | Horizon | Status   | Notes                                                    |
|--------------|---------|----------|----------------------------------------------------------|
| RSA-2048     | 8 yrs   | CRITICAL | Harvest-now window opens ~2030 · decrypt 2032+           |
| RSA-4096     | 12 yrs  | HIGH     | Larger keys buy time · still falls to Shor               |
| ECDSA-P256   | 8 yrs   | CRITICAL | Matches RSA-2048 risk · signatures vulnerable            |
| ECDH-P256    | 8 yrs   | CRITICAL | Key exchange, highest HNDL exposure                      |
| ECDH-P384    | 10 yrs  | HIGH     | CNSA 1.0 baseline · CNSA 2.0 replaces it                 |
| AES-256      | 30+ yrs | SAFE     | Grover halves effective strength · still 128-bit         |
| SHA-256      | 30+ yrs | SAFE     | Grover halves preimage · 128-bit margin                  |
| ML-KEM-768   | 50+ yrs | TARGET   | FIPS 203 · Module-Lattice KEM · our production choice    |
| ML-DSA-65    | 50+ yrs | TARGET   | FIPS 204 · Module-Lattice Digital Signature              |
| SLH-DSA-128f | 50+ yrs | TARGET   | FIPS 205 · Hash-based · stateless · conservative fallback |

CRYPTOGRAPHIC SURFACES

Ten surfaces. Every one audited.

PQC-Scout enumerates these ten cryptographic surface categories from your stack description and tags every algorithm by deployment context, key size, and exposure tier.

01 TLS / HTTPS: Certificate chains, session handshake, mutual auth
02 Code Signing: Firmware, package signatures, CI/CD artifacts
03 At-Rest Storage: Disk encryption, DB encryption keys, backup ciphers
04 Key Exchange: Diffie-Hellman, ECDH, wrapped session keys
05 Firmware: Boot chains, BMC, iLO, Redfish, signed updates
06 API Authentication: JWT, OAuth signing keys, HMAC + asymmetric
07 VPN: IPsec IKE, WireGuard static keys, OpenVPN
08 Email: S/MIME, PGP, DKIM signing
09 PKI: Root CAs, intermediate certs, revocation lists
10 HSM / Key Vault: Hardware-bound keys, rotation policy, attestation

PQC-SCOUT PIPELINE

Five phases. One SATOR cycle.

01 SEED

Asset ingestion

Supply your tech stack as a free-text description, asset inventory, or architecture diagram. PQC-Scout uses an LLM-powered extractor (Claude via Red tier) with a regex fallback — works offline, works on napkin sketches.

02 NAVIGATE

Cryptographic surface enumeration

Ten surface categories extracted and classified: TLS, code signing, storage, key exchange, firmware, API auth, VPN, email, PKI, HSM. Every asset gets tagged with its active algorithm, key size, and deployment context.

03 HOLD

Q-Day exposure scoring

Four-tier exposure model — CRITICAL / HIGH / MONITOR / SAFE — computed from NIST IR 8547 horizon tables, sector-specific data lifetime, and Mosca's theorem (X + Y > Z). φ-modulated priority scores (0–100) rank every finding.

04 EXECUTE

3-phase migration roadmap

Phase 1: high-exposure key exchange and signing. Phase 2: at-rest and storage. Phase 3: archival and compliance tail. Every recommendation points to a specific FIPS 203/204/205 algorithm and CNSA 2.0 deadline.

05 LOG

Signed report + audit trail

Report written to SATOR-HMAC signed SQLite WAL. Telegram digest. Optional blockchain anchor via OpenTimestamps for compliance attestation. Every claim reproducible from the same inputs.
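
The HOLD step's scoring can be sketched as follows. This is an added example, not PQC-Scout's code: it applies the X + Y > Z test from the problem statement to the horizon values in the table above, and the `Asset` fields, the tier cut-offs (0, 3 and 10 years of margin) and the sample inventory are assumptions made for illustration.

```python
from dataclasses import dataclass

# Z values (years) copied from the horizon table on this page; the "30+"
# and "50+" entries are used as lower bounds.
HORIZON_YEARS = {
    "RSA-2048": 8, "RSA-4096": 12, "ECDSA-P256": 8, "ECDH-P256": 8,
    "ECDH-P384": 10, "AES-256": 30, "SHA-256": 30,
    "ML-KEM-768": 50, "ML-DSA-65": 50, "SLH-DSA-128f": 50,
}

@dataclass(frozen=True)
class Asset:              # hypothetical inventory record
    name: str
    algorithm: str
    shelf_life: int       # X: years the protected data must stay secret/trusted
    migration: int        # Y: years needed to replace the algorithm

def mosca_margin(asset: Asset) -> int:
    """Return Z - (X + Y). Negative means X + Y > Z: already too late."""
    if asset.algorithm not in HORIZON_YEARS:
        # An unclassified algorithm is an inventory gap, not a SAFE finding.
        raise ValueError(f"no horizon for {asset.algorithm!r}; fix the inventory")
    return HORIZON_YEARS[asset.algorithm] - (asset.shelf_life + asset.migration)

def exposure_tier(asset: Asset) -> str:
    """Map the margin to a tier; the cut-offs 0, 3 and 10 are assumed."""
    margin = mosca_margin(asset)
    if margin < 0:
        return "CRITICAL"
    if margin < 3:
        return "HIGH"
    if margin < 10:
        return "MONITOR"
    return "SAFE"

def rank(inventory):
    """Most exposed first: rows sorted by ascending margin."""
    rows = [(a.name, a.algorithm, mosca_margin(a), exposure_tier(a)) for a in inventory]
    return sorted(rows, key=lambda r: r[2])

# Constructed sample inventory (not from a real engagement).
INVENTORY = [
    Asset("backup archive", "AES-256", 7, 1),
    Asset("public TLS edge", "ECDH-P256", 10, 3),
    Asset("session tokens", "ECDSA-P256", 1, 2),
    Asset("firmware signing", "RSA-4096", 7, 3),
    Asset("internal IPC", "ML-KEM-768", 10, 0),
]

if __name__ == "__main__":
    for name, alg, margin, tier in rank(INVENTORY):
        print(f"{tier:8} {margin:+4d}y  {alg:12} {name}")
```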

EMPIRICAL PROOF

Not theorems. Hardware results.

17: ECC Curves Broken (IBM Quantum · Shor · 4–21 bit)
768: ML-KEM Parameter (FIPS 203 · production IPC)
X+Y+Z: Mosca Theorem (NIST IR 8547 §3.1)
10: Crypto Surfaces (Automatic enumeration)

WHAT YOU GET

Four deliverables. One engagement.

EXECUTIVE

Board-ready exposure summary

One-page CRITICAL / HIGH / MONITOR / SAFE breakdown with sector-specific data lifetime analysis. The artifact a CISO shows the audit committee.

TECHNICAL

3-phase migration roadmap

Per-surface migration plan with target algorithms, key sizes, rollout sequence, and deadline anchors to CNSA 2.0, CISA BOD 23-02, and NSA M-23-02.

COMPLIANCE

NIST SP 800-227 documentation

Cryptographic inventory report in the exact format federal auditors ask for. Acceptable to DORA Art. 6, SWIFT CSP, ETSI GR-QSC-004 reviewers.

OPERATIONAL

Production reference architecture

We run ML-KEM-768 on our own IPC (src/ghost.py) with SATOR HMAC signing. You get the same reference implementation patterns we use ourselves.

Migrate before the adversary decrypts.

$2,500 initial assessment. 5 business days. Full cryptographic inventory, Q-Day exposure score, and phase-1 migration plan.

Enterprise engagements scale to $15K — $100K depending on scope. We run ML-KEM-768 in production — ask us.